Gateway Question help!

itdaddy

Hey gurus check this out...I thought you had to have the gateway and ip on the same subnet? for it to work? but this works for any gateway subnet 1-4 why?



for example TCP/IP setting

IP: 192.168.1.85
SMask: 255.255.255.0 /24
DG: 192.168.1.2, or 192.168.2.2, or 192.168.4.4, or 192.168.3.3

holy crap when i do the subnetting

1 subnet due to subnet bits = 0
8 host bits equals 254 host per subnet

what gives why does this gateway ip subnet no matter 1-4 in the 3rd octet work.
i thought i woudl get a cisco question on ccna dealing with this difference
why does this work arent they on separate subnets?????
help

see separate subnets???? below

Subnet , Valid Hosts , Broadcast
192.168.1.0 , 192.168.1.1 to 192.168.1.254 , 192.168.1.255
192.168.2.0 , 192.168.2.1 to 192.168.2.254 , 192.168.2.255
192.168.3.0 , 192.168.3.1 to 192.168.3.254 , 192.168.3.255
192.168.4.0 , 192.168.4.1 to 192.168.4.254 , 192.168.4.255

Netstudent

Do you have your machine directly connected to the router with a crossover cable?

Also when you have your DG set to a subnet other than your local IP, are you trying to ping IP's in the same subnet as the machine or IP's in other subnets?

If you are pinging IP's in the same subnet as your machine, then it does not need a DG.

What is your definition of "work"?

itdaddy

Do you have your machine directly connected to the router with a crossover cable?

Also when you have your DG set to a subnet other than your local IP, are you trying to ping IP's in the same subnet as the machine or IP's in other subnets?

If you are pinging IP's in the same subnet as your machine, then it does not need a DG.

What is your definition of "work"?

no i am connected to patch panel into a switch

when i change DG it is a though nothing has changed?

i know if i dont have DG i can ping any address in my subnet

i am only confused no matter what DG i pick in our 4 gateway choices
it still works internet and ip pings to all ips no matter what subnet range??
is this because of Vlans that are setup Router on a stick (intervlan access why this works?)

i thought in theory if i change the DG to any subnet range other than its own ip subnet
it would not work but it does...serious..

Kalabin

I thought that if you are connected to a switch, which is then connected to a router running router on a stick for VLAN's, you could specify a gateway that is not withing your assigned subnet but does reside on that interface.

And I could be completely wrong, but if the router has 4 subinterface's configured on FA0/1 which then supplies VLAN info to the switch, that the directly connected gateway's would "work". Since it's a directly connected route, still take's the same path, and that router know's the routing information to get to the designated network on the vlan it could be possible?

Since the packet is only concerned with the source / destination IP address and not the gateway assigned, the gateway just know's the route's needed to be taken.

Don't take my word for this, but in theory I guess it sound's like it could work.

itdaddy

Kalabin


dude i think you right what else could it be???
that is why i am confused..i think our routers do know each others subnet via vlan and router on stick setup on each gateway.

cause they are in different subnets for sure i just tried to take a text book scenariou
and try it for reals on our work network since i know the IPs of the 3 other gateways
which are on clearly different subnets! but in text book scenariou

ip
mask
ip of gatewa (in same subnet as ip above)

this is test book but i just tried it and clearly it worked due to ROS that is my gut feeling only
but what else could it be we do have L3 swicthes maybe some how in the configs it just knows where each subnet is and is transferred to each swicth at each of our locations

we need a senior guy to verify this is there any takers???????

mikearama

Well, in theory, what you are doing is impossible. You MUST still have the correct gateway in your PC's config somewhere. ROS has nothing to do with what you're describing... that affects routing protocol updates from the other side of the router, not the "lan" side.

Here, to make it simple, let's consider what a PC does when it wants to send a packet to a network other than its own, and a) it has a gateway; b) it does not have a gateway.

You're on the 192.168.1.0 /24 network, and your gateway is 1.2. For any packet destined outside of the subnet, your pc knows to send the packet to 1.2.

In the absence of a gateway, your pc will broadcast for the mac of the end device, and it will not get a reply, and you should get a "destination unreachable" error. With no end device replying back with a mac address, the packet gets dropped. The router will not reply.

The only way around this, to my knowledge, besides you having multiple gateways (so the correct one of 1.2 is still there), is to have 'ip proxy arp' running on the router's interface... then it will reply with its mac for any host on another network.

So, how about giving us a 'sh run int f0/0' (or whatever it is) on the router's lan port, and copy up an 'ipconfig /all' when you think your hypothesis is working. We're missing something somewhere, cause this just can't work.

Mike

Netwurk

Agree with Mike that the ipconfig and show int outputs would help

Also, if you make an incorrect change, there could be some cached layer 2 info that overcomes your mistake. Even then, things would only work temporarily

Kalabin

What Mike said does make sense.

I'm brain dead this morning, but ROS allow's the VLAN's to talk to one another, but them being on the same physical interface mean's nothing since it's a logical interface. I'm banking on what Mike said about ip proxy arp being enabled on the router.

This stuff is fun!...and I need sleep!

itdaddy

I can set the DG for my PC to any of the 4 gateways ip (subnets) we have 4 branch offices
connected via PTP T1 lines 4 separate subnets 1,2,3,4 and i can put any of our gateway
ips in for my local PC TCP/IP setting and i can still operate as though nothing happened.
if not ROS then what? in theory this should not work

each branch has L3 switch then 2800 series gateway! to CSU/DSU then smart jack T1



notice below the 2.2 subnet for DG

IP Address. . . . . . . . . . . . : 192.168.1.85
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.2
DNS Servers . . . . . . . . . . . : 192.168.1.1
192.168.2.1
Primary WINS Server . . . . . . . : 192.168.3.10
Secondary WINS Server . . . . . . : 192.168.1.1

notice below the 3.2 subnet for DG

IP Address. . . . . . . . . . . . : 192.168.1.85
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.3.2
DNS Servers . . . . . . . . . . . : 192.168.1.1
192.168.2.1
Primary WINS Server . . . . . . . : 192.168.3.10
Secondary WINS Server . . . . . . : 192.168.1.1
[/quote]

cant giv eyou the router config (top secret) boss would screem
any way i can test the proxy arp theroy from local pc?? you say the router
uses mack address L2 communictaion and is not even looking at the gateway
so what is it called that is enabled on the routers? what kind of service mike???

itdaddy

arp -d * is clean on my pc i ran this command? so you are saying it is doing a mac routing
or layer 2 routing ???? and my gateway at local branch tied to my pc has mac to IP??? and then finds the ip or the gateway???

reverse arp kind of like

ip to mac
mac to ip you are saying the router or switch is doingthis it would have to be switch or router
we do have L3 switches at each branch.

itdaddy

is to have 'ip proxy arp' running on the router's interface... then it will reply with its mac for any host on another network.

sounds logical but then it does circumvent the same subnet theory! or fact! that DG and IP
of local machine must be in same subnet range...?
it is using reverse arp which would be mac to ip huh right?

mikearama

IP proxy arp has to be explicitly turned on... your admin would know if you're running it.

Can you post up your PC's routing table? Do a route print and show us what you've got in there. I'd bet there's still a route pointing at your correct gateway.

As for Proxy ARP, if you look it up, it isn't layer 2 routing in the strictest sense, but it does allow reaching outside networks without having to run a routing protocol.

http://www.cisco.com/warp/public/105/5.html

So, since your PC has the incorrect gateway, a default route for unknown destinations won't work. Your PC tries to resolve an IP by arp broadcasting. The router, in this case, replies back with its mac address, and your pc sends its packet.

And it's not RARP... just regular ol' ARP. The IP's are known, it's the destinations mac that your PC needs before it can send a package. I think your router is providing its MAC to your PC.

Anyway, that's my hypothesis.

Mike

itdaddy

mikearama


I think your right about proxy arp....I wish I could look at our routers but I have been
band for while long story..I made a mistake and was band for a while.My boss is difficult.


one day i will get my Priv Exec password back

itdaddy

Mikearama

got it. Here is my test with say a /16 vs /24 bit subnet using the pdf eample from cisco you gave me...

arp table on my pc is this(mock ip addresses not reall ones) but the same concept:

say i pinged server2 192.168.2.1
and i changed my subnet mask from 24 to 16
ping srv2 with using DNS server but arp shows this:

Internet Address Physical Address Type
192.168.1.1 00-e0-18-04-96-af dynamic
192.168.1.2 00-15-2b-e6-fe-41 dynamic gateway
192.168.1.10 00-30-48-60-37-2c dynamic
192.168.1.13 00-00-74-d4-8a-95 dynamic
192.168.1.18 00-1b-fc-35-c0-73 dynamic
192.168.1.93 00-e0-81-2a-fa-d3 dynamic
192.168.2.1 00-15-2b-e6-fe-41 dynamic server 2 ip

this proves that Proxy Arp is enabled on the gateway correct!!!!!!!!